Fix: fix auto-close after giving a document away

This commit is contained in:
shamoon 2025-03-21 08:08:36 -07:00
parent 5d6cfa7349
commit c27e3c75cd
No known key found for this signature in database
4 changed files with 49 additions and 6 deletions

View File

@ -1,5 +1,9 @@
import { DatePipe } from '@angular/common'
import { provideHttpClient, withInterceptorsFromDi } from '@angular/common/http'
import {
HttpErrorResponse,
provideHttpClient,
withInterceptorsFromDi,
} from '@angular/common/http'
import {
HttpTestingController,
provideHttpClientTesting,
@ -503,7 +507,7 @@ describe('DocumentDetailComponent', () => {
const updateSpy = jest.spyOn(documentService, 'update')
const toastSpy = jest.spyOn(toastService, 'showInfo')
updateSpy.mockImplementation(() =>
throwError(() => new Error('failed to save'))
throwError(() => new HttpErrorResponse({ status: 403 }))
)
component.save(true)
expect(updateSpy).toHaveBeenCalled()

View File

@ -824,11 +824,13 @@ export class DocumentDetailComponent
},
error: (error) => {
this.networkActive = false
if (!this.userCanEdit) {
if (error.status === 403) {
// e.g. document was 'given away'
this.openDocumentService.setDirty(this.document, false)
this.toastService.showInfo(
$localize`Document "${this.document.title}" saved successfully.`
)
close && this.close()
this.close()
} else {
this.error = error.error
this.toastService.showError(

View File

@ -262,6 +262,34 @@ class TestDocumentApi(DirectoriesMixin, DocumentConsumeDelayMixin, APITestCase):
response = self.client.get(f"/api/documents/{doc.pk}/thumb/")
self.assertEqual(response.status_code, status.HTTP_200_OK)
def test_document_given_away(self):
"""
GIVEN:
- Document with owner
WHEN:
- Document is update and given away
THEN:
- 403 Forbidden is returned
"""
non_superuser = User.objects.create_user(username="test")
non_superuser.user_permissions.add(*Permission.objects.all())
self.client.force_authenticate(user=non_superuser)
doc = Document.objects.create(
title="none",
checksum="123",
mime_type="application/pdf",
owner=non_superuser,
)
response = self.client.patch(
f"/api/documents/{doc.pk}/",
{"owner": self.user.id},
format="json",
)
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
@override_settings(FILENAME_FORMAT="")
def test_download_with_archive(self):
content = b"This is a test"

View File

@ -580,15 +580,24 @@ class DocumentViewSet(
def update(self, request, *args, **kwargs):
response = super().update(request, *args, **kwargs)
try:
doc = self.get_object()
except Http404:
# if we get this far document it was probably 'given away'
doc = Document.objects.get(id=kwargs["pk"])
from documents import index
index.add_or_update_document(self.get_object())
index.add_or_update_document(doc)
document_updated.send(
sender=self.__class__,
document=self.get_object(),
document=doc,
)
if not has_perms_owner_aware(request.user, "change_document", doc):
return HttpResponseForbidden("Insufficient permissions")
return response
def destroy(self, request, *args, **kwargs):